|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2016-03-10 07:03 UTC] laruence@php.net
[2016-03-10 07:03 UTC] laruence@php.net
-Status: Open
+Status: Closed
[2016-03-10 08:36 UTC] ab@php.net
[2016-07-20 11:33 UTC] davey@php.net
[2018-11-23 09:22 UTC] dragondreamer at live dot com
-: temp at temp dot ru
+: dragondreamer at live dot com
[2018-11-23 09:22 UTC] dragondreamer at live dot com
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Wed Jul 02 07:01:33 2025 UTC |
Description: ------------ There're several places in Zend code where invalid (zero) pointers can be dereferenced. 1. zend_execute_API.c, zend_call_function function: if (error) { zend_error(E_WARNING, "Invalid callback %s, %s", ZSTR_VAL(callable_name), error); // <-- Access to callable_name->val efree(error); } if (callable_name) { // <-- later check if callable_name is not NULL zend_string_release(callable_name); } 2. zend_execute_API.c, zend_call_function function (again): if (func->common.fn_flags & ZEND_ACC_ABSTRACT) { zend_throw_error(NULL, "Cannot call abstract method %s::%s()", ZSTR_VAL(func->common.scope->name), ZSTR_VAL(func->common.function_name)); // <-- Access to func->common.scope->name return FAILURE; } if (func->common.fn_flags & ZEND_ACC_DEPRECATED) { zend_error(E_DEPRECATED, "Function %s%s%s() is deprecated", func->common.scope ? ZSTR_VAL(func->common.scope->name) : "", // <-- Later check if func->common.scope is not NULL func->common.scope ? "::" : "", ZSTR_VAL(func->common.function_name)); } 3. zend_virtual_cwd.c, realpath_cache_key function: const char *e = bucket_key + strlen(bucket_key); // <-- Access to bucket_key buffer if (!bucket_key) { // <-- Later check if bucket_key is not NULL return 0; }